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AMENDMENTS TO THE CLAIMS 



1 1 . (currently amended) A method of assigning a network address to a host based on 

2 authentication for a physical connection between the host and an intermediate device, the 

3 method comprising the computer-implemented steps of: 

4 receiving, at the intermediate device from a first server that provides authentication and 

5 authorization, in response to a request for authentication for the physical 

6 connection, first data indicating at least some of authentication and authorization 

7 information; 

8 receiving, at the intermediate device from the host, a first message for discovering a 

9 logical network address for the host; 

10 generating a second message based on the first message and the first data; and 

' 1 1 sending the second message to a second server that provides the logical network address 

12 for the host; 

13 wherein an authenticator process performs said step of receiving the first data; a relay 

14 agent process for the second server performs said steps of receiving the first 

15 message and sending the second message; the relay agent process is separate from 

16 the authenticator process; and generating the second message further comprises 

17 sending a third message, from the authenticator process to the relay agent process, 

18 based on the first data . 

1 2. . (canceled) 

1 3. (currently amended) A method as recited in Claim 1 , wherein: 

2 an authenticator proces s perform s said step of rec e iving the first data; 

3 a r e lay ag e nt proc e ss for th e s e cond s e rv e r p e rforms said steps of r e c e iving the first 

4 m e ssage and sending the second message; 

5 the relay ag e nt proc e s s is s e parat e from the auth e nticator proc e ss; and 

6 said-step of generating the second message further comprises the steps of: 

7 storing second data based on the first data by the authenticator process; and 

8 retrieving the second data by the relay agent process in response to said step of 

9 receiving the first message. 
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1 4. (original) A method as recited in Claim 1, wherein the first server is an 

2 authentication, authorization and accounting server. 

1 5. (original) A method as recited in Claim 4, wherein the first server is a RADIUS 

2 protocol server. 

1 6. (original) A method as recited in Claim 1, wherein the physical connection 

2 comprises an Ethernet interface card on the intermediate device. 

1 7. (original) A method as recited in Claim 1, wherein the physical connection 

2 comprises a wireless Ethernet encryption key and time slot. 

1 8. (original) A method as recited in Claim 1, wherein the request for authentication is 

2 based on an Institute of Electrical and Electronics Engineers (IEEE) 802. lx standard. 

1 9. (original) A method as recited in Claim 1, wherein the second message is based on a 

2 dynamic host configuration protocol (DHCP). 

1 10. (original) A method as recited in Claim 1, wherein: 

2 the first data includes user class data indicating a particular group of one or more 

3 authorized users of the host; and 

4 said step of generating the second message is further based on the user class data. 

1 11. (original) A method as recited in Claim 1 , wherein: 

2 the first data includes credential data indicating authentication is performed by the first 

3 server; and 

4 said step of generating the second message is further based on the credential data. 
1 12.-24. (canceled) 

1 25. (currently amended) A computer-readable medium carrying one or more sequences of 

2 instructions for assigning a network address to a host based on authentication for a physical 

3 connection between the host and an intermediate device, which instructions, when executed by 

4 one or more processors, cause the one or more processors to carry out the steps of: 
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5 receiving, at the intermediate device from the host, a message for discovering a logical 

6 network address for the host; 

7 retrieving, from a persistent store at the intermediate device, first data indicating at least 

8 some of authentication and authorization information received from a first server 

9 that provides authentication and authorization in response to a request for 

10 authentication of the physical connection; 

1 1 generating a second message based on the first message and the first data; and 

12 sending the second message to a second server that provides the logical network address 

13 for the host; 

14 wherein an authenticator process performs said step of receiving the first data; a relay 

15 agent process for the second server performs said steps of receiving the first 

16 message and sending the second message; the relay agent process is separate from 
' 17 the authenticator process; and generating the second message further comprises 

18 sending a third message, from the authenticator process to the relay agent process, 

19 based on the first data. , 

1 26. (currently amended) An apparatus for assigning a network address to a host based on 

2 authentication for a physical connection between the host and an intermediate device, 

3 comprising: 

4 means for receiving, from a first server that provides authentication and authorization, in 

5 response to a request for authentication for the physical connection, first data 

6 indicating at least some of authentication and authorization information; 

7 means for receiving, from the host, a first message for discovering a logical network 

8 address for the host; 

9 means for generating a second message based on the first message and the first data; and 

10 means for sending the second message to a second server that provides the logical 

1 1 network address for the host; 

12 wherein an authenticator process performs said step of receiving the first data; a relay 

13 agent process for the second server performs said steps of recei ving the first 

14 message and sending the second message; the relay agent process is separate from 

15 the authenticator process; and generating the second message further comprises 

16 sending a third message, from the authenticator process to the relay agent process, 

17 based on the first data. 
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1 27. (currently amended) An apparatus for assigning a network address to a host based on 

2 authentication for a physical connection between the host and an intermediate device, 

3 comprising: 

4 a network interface that is coupled to a data network for receiving one or more packet 

5 flows therefrom; 

6 a physical connection that is coupled to the host; 

7 a processor; 

8 one or more stored sequences of instructions which, when executed by the processor, 

9 cause the processor to carry out the steps of: 

10 receiving, through the network interface from a first server that provides 

1 1 authentication and authorization, in response to a request for 

12 authentication for the physical connection, first data indicating at least 

1 3 some of authentication and authorization information; 

14 receiving, through the physical connection from the host, a first message for 

15 discovering a logical network address for the host; 

16 generating a second message based on the first message and the first data; and 

17 sending through the network interface the second message to a second server that 

1 8 , provides the logical network address for the host; 

19 wherein an authenticator process performs said step of receiving the first data: a relay 

20 agent process for the second server performs said steps of receiving the first 

21 message and sending the second message; the relay agent process is separate from 

22 the authenticator process; and generating the second message further comprises 

23 sending a third message, from the authenticator process to the relay agent process, 

24 based on the first data. 
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